zig_example 0.3.2 → 0.3.3.1

data/ext/openssl/ossl_ts.h

@@ -1,16 +0,0 @@
-/*
- *
- * Copyright (C) 2010 Martin Bosslet <Martin.Bosslet@googlemail.com>
- * All rights reserved.
- */
-/*
- * This program is licenced under the same licence as Ruby.
- * (See the file 'LICENCE'.)
- */
-
-#if !defined(_OSSL_TS_H_)
-#define _OSSL_TS_H_
-
-void Init_ossl_ts(void);
-
-#endif

data/ext/openssl/ossl_x509.c

@@ -1,256 +0,0 @@
-/*
- * 'OpenSSL for Ruby' project
- * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
- * All rights reserved.
- */
-/*
- * This program is licensed under the same licence as Ruby.
- * (See the file 'LICENCE'.)
- */
-#include "ossl.h"
-
-VALUE mX509;
-
-#define DefX509Const(x) rb_define_const(mX509, #x, INT2NUM(X509_##x))
-#define DefX509Default(x,i) \
-  rb_define_const(mX509, "DEFAULT_" #x, rb_str_new2(X509_get_default_##i()))
-
-ASN1_TIME *
-ossl_x509_time_adjust(ASN1_TIME *s, VALUE time)
-{
-    time_t sec;
-
-    int off_days;
-
-    ossl_time_split(time, &sec, &off_days);
-    return X509_time_adj_ex(s, off_days, 0, &sec);
-}
-
-void
-Init_ossl_x509(void)
-{
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-#endif
-
-    mX509 = rb_define_module_under(mOSSL, "X509");
-
-    Init_ossl_x509attr();
-    Init_ossl_x509cert();
-    Init_ossl_x509crl();
-    Init_ossl_x509ext();
-    Init_ossl_x509name();
-    Init_ossl_x509req();
-    Init_ossl_x509revoked();
-    Init_ossl_x509store();
-
-    /* Constants are up-to-date with 1.1.1. */
-
-    /* Certificate verification error code */
-    DefX509Const(V_OK);
-#if defined(X509_V_ERR_UNSPECIFIED) /* 1.0.1r, 1.0.2f, 1.1.0 */
-    DefX509Const(V_ERR_UNSPECIFIED);
-#endif
-    DefX509Const(V_ERR_UNABLE_TO_GET_ISSUER_CERT);
-    DefX509Const(V_ERR_UNABLE_TO_GET_CRL);
-    DefX509Const(V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE);
-    DefX509Const(V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE);
-    DefX509Const(V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY);
-    DefX509Const(V_ERR_CERT_SIGNATURE_FAILURE);
-    DefX509Const(V_ERR_CRL_SIGNATURE_FAILURE);
-    DefX509Const(V_ERR_CERT_NOT_YET_VALID);
-    DefX509Const(V_ERR_CERT_HAS_EXPIRED);
-    DefX509Const(V_ERR_CRL_NOT_YET_VALID);
-    DefX509Const(V_ERR_CRL_HAS_EXPIRED);
-    DefX509Const(V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD);
-    DefX509Const(V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD);
-    DefX509Const(V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD);
-    DefX509Const(V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
-    DefX509Const(V_ERR_OUT_OF_MEM);
-    DefX509Const(V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT);
-    DefX509Const(V_ERR_SELF_SIGNED_CERT_IN_CHAIN);
-    DefX509Const(V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY);
-    DefX509Const(V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE);
-    DefX509Const(V_ERR_CERT_CHAIN_TOO_LONG);
-    DefX509Const(V_ERR_CERT_REVOKED);
-    DefX509Const(V_ERR_INVALID_CA);
-    DefX509Const(V_ERR_PATH_LENGTH_EXCEEDED);
-    DefX509Const(V_ERR_INVALID_PURPOSE);
-    DefX509Const(V_ERR_CERT_UNTRUSTED);
-    DefX509Const(V_ERR_CERT_REJECTED);
-    DefX509Const(V_ERR_SUBJECT_ISSUER_MISMATCH);
-    DefX509Const(V_ERR_AKID_SKID_MISMATCH);
-    DefX509Const(V_ERR_AKID_ISSUER_SERIAL_MISMATCH);
-    DefX509Const(V_ERR_KEYUSAGE_NO_CERTSIGN);
-    DefX509Const(V_ERR_UNABLE_TO_GET_CRL_ISSUER);
-    DefX509Const(V_ERR_UNHANDLED_CRITICAL_EXTENSION);
-    DefX509Const(V_ERR_KEYUSAGE_NO_CRL_SIGN);
-    DefX509Const(V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION);
-    DefX509Const(V_ERR_INVALID_NON_CA);
-    DefX509Const(V_ERR_PROXY_PATH_LENGTH_EXCEEDED);
-    DefX509Const(V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE);
-    DefX509Const(V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED);
-    DefX509Const(V_ERR_INVALID_EXTENSION);
-    DefX509Const(V_ERR_INVALID_POLICY_EXTENSION);
-    DefX509Const(V_ERR_NO_EXPLICIT_POLICY);
-    DefX509Const(V_ERR_DIFFERENT_CRL_SCOPE);
-    DefX509Const(V_ERR_UNSUPPORTED_EXTENSION_FEATURE);
-    DefX509Const(V_ERR_UNNESTED_RESOURCE);
-    DefX509Const(V_ERR_PERMITTED_VIOLATION);
-    DefX509Const(V_ERR_EXCLUDED_VIOLATION);
-    DefX509Const(V_ERR_SUBTREE_MINMAX);
-    DefX509Const(V_ERR_APPLICATION_VERIFICATION);
-    DefX509Const(V_ERR_UNSUPPORTED_CONSTRAINT_TYPE);
-    DefX509Const(V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX);
-    DefX509Const(V_ERR_UNSUPPORTED_NAME_SYNTAX);
-    DefX509Const(V_ERR_CRL_PATH_VALIDATION_ERROR);
-#if defined(X509_V_ERR_PATH_LOOP)
-    DefX509Const(V_ERR_PATH_LOOP);
-#endif
-#if defined(X509_V_ERR_SUITE_B_INVALID_VERSION)
-    DefX509Const(V_ERR_SUITE_B_INVALID_VERSION);
-    DefX509Const(V_ERR_SUITE_B_INVALID_ALGORITHM);
-    DefX509Const(V_ERR_SUITE_B_INVALID_CURVE);
-    DefX509Const(V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM);
-    DefX509Const(V_ERR_SUITE_B_LOS_NOT_ALLOWED);
-    DefX509Const(V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256);
-#endif
-    DefX509Const(V_ERR_HOSTNAME_MISMATCH);
-    DefX509Const(V_ERR_EMAIL_MISMATCH);
-    DefX509Const(V_ERR_IP_ADDRESS_MISMATCH);
-#if defined(X509_V_ERR_DANE_NO_MATCH)
-    DefX509Const(V_ERR_DANE_NO_MATCH);
-#endif
-#if defined(X509_V_ERR_EE_KEY_TOO_SMALL)
-    DefX509Const(V_ERR_EE_KEY_TOO_SMALL);
-    DefX509Const(V_ERR_CA_KEY_TOO_SMALL);
-    DefX509Const(V_ERR_CA_MD_TOO_WEAK);
-#endif
-#if defined(X509_V_ERR_INVALID_CALL)
-    DefX509Const(V_ERR_INVALID_CALL);
-#endif
-#if defined(X509_V_ERR_STORE_LOOKUP)
-    DefX509Const(V_ERR_STORE_LOOKUP);
-#endif
-#if defined(X509_V_ERR_NO_VALID_SCTS)
-    DefX509Const(V_ERR_NO_VALID_SCTS);
-#endif
-#if defined(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION)
-    DefX509Const(V_ERR_PROXY_SUBJECT_NAME_VIOLATION);
-#endif
-#if defined(X509_V_ERR_OCSP_VERIFY_NEEDED)
-    DefX509Const(V_ERR_OCSP_VERIFY_NEEDED);
-    DefX509Const(V_ERR_OCSP_VERIFY_FAILED);
-    DefX509Const(V_ERR_OCSP_CERT_UNKNOWN);
-#endif
-
-    /* Certificate verify flags */
-    /* Set by Store#flags= and StoreContext#flags=. */
-    DefX509Const(V_FLAG_USE_CHECK_TIME);
-    /* Set by Store#flags= and StoreContext#flags=. Enables CRL checking for the
-     * certificate chain leaf. */
-    DefX509Const(V_FLAG_CRL_CHECK);
-    /* Set by Store#flags= and StoreContext#flags=. Enables CRL checking for all
-     * certificates in the certificate chain */
-    DefX509Const(V_FLAG_CRL_CHECK_ALL);
-    /* Set by Store#flags= and StoreContext#flags=. Disables critical extension
-     * checking. */
-    DefX509Const(V_FLAG_IGNORE_CRITICAL);
-    /* Set by Store#flags= and StoreContext#flags=. Disables workarounds for
-     * broken certificates. */
-    DefX509Const(V_FLAG_X509_STRICT);
-    /* Set by Store#flags= and StoreContext#flags=. Enables proxy certificate
-     * verification. */
-    DefX509Const(V_FLAG_ALLOW_PROXY_CERTS);
-    /* Set by Store#flags= and StoreContext#flags=. Enables certificate policy
-     * constraints checking. */
-    DefX509Const(V_FLAG_POLICY_CHECK);
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Implies V_FLAG_POLICY_CHECK */
-    DefX509Const(V_FLAG_EXPLICIT_POLICY);
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Implies V_FLAG_POLICY_CHECK */
-    DefX509Const(V_FLAG_INHIBIT_ANY);
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Implies V_FLAG_POLICY_CHECK */
-    DefX509Const(V_FLAG_INHIBIT_MAP);
-    /* Set by Store#flags= and StoreContext#flags=. */
-    DefX509Const(V_FLAG_NOTIFY_POLICY);
-    /* Set by Store#flags= and StoreContext#flags=. Enables some additional
-     * features including support for indirect signed CRLs. */
-    DefX509Const(V_FLAG_EXTENDED_CRL_SUPPORT);
-    /* Set by Store#flags= and StoreContext#flags=. Uses delta CRLs. If not
-     * specified, deltas are ignored. */
-    DefX509Const(V_FLAG_USE_DELTAS);
-    /* Set by Store#flags= and StoreContext#flags=. Enables checking of the
-     * signature of the root self-signed CA. */
-    DefX509Const(V_FLAG_CHECK_SS_SIGNATURE);
-    /* Set by Store#flags= and StoreContext#flags=. When constructing a
-     * certificate chain, search the Store first for the issuer certificate.
-     * Enabled by default in OpenSSL >= 1.1.0. */
-    DefX509Const(V_FLAG_TRUSTED_FIRST);
-#if defined(X509_V_FLAG_SUITEB_128_LOS_ONLY)
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Enables Suite B 128 bit only mode. */
-    DefX509Const(V_FLAG_SUITEB_128_LOS_ONLY);
-#endif
-#if defined(X509_V_FLAG_SUITEB_192_LOS)
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Enables Suite B 192 bit only mode. */
-    DefX509Const(V_FLAG_SUITEB_192_LOS);
-#endif
-#if defined(X509_V_FLAG_SUITEB_128_LOS)
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Enables Suite B 128 bit mode allowing 192 bit algorithms. */
-    DefX509Const(V_FLAG_SUITEB_128_LOS);
-#endif
-    /* Set by Store#flags= and StoreContext#flags=.
-     * Allows partial chains if at least one certificate is in trusted store. */
-    DefX509Const(V_FLAG_PARTIAL_CHAIN);
-#if defined(X509_V_FLAG_NO_ALT_CHAINS)
-    /* Set by Store#flags= and StoreContext#flags=. Suppresses searching for
-     * a alternative chain. No effect in OpenSSL >= 1.1.0. */
-    DefX509Const(V_FLAG_NO_ALT_CHAINS);
-#endif
-#if defined(X509_V_FLAG_NO_CHECK_TIME)
-    /* Set by Store#flags= and StoreContext#flags=. Suppresses checking the
-     * validity period of certificates and CRLs. No effect when the current
-     * time is explicitly set by Store#time= or StoreContext#time=. */
-    DefX509Const(V_FLAG_NO_CHECK_TIME);
-#endif
-
-    /* Set by Store#purpose=. SSL/TLS client. */
-    DefX509Const(PURPOSE_SSL_CLIENT);
-    /* Set by Store#purpose=. SSL/TLS server. */
-    DefX509Const(PURPOSE_SSL_SERVER);
-    /* Set by Store#purpose=. Netscape SSL server. */
-    DefX509Const(PURPOSE_NS_SSL_SERVER);
-    /* Set by Store#purpose=. S/MIME signing. */
-    DefX509Const(PURPOSE_SMIME_SIGN);
-    /* Set by Store#purpose=. S/MIME encryption. */
-    DefX509Const(PURPOSE_SMIME_ENCRYPT);
-    /* Set by Store#purpose=. CRL signing */
-    DefX509Const(PURPOSE_CRL_SIGN);
-    /* Set by Store#purpose=. No checks. */
-    DefX509Const(PURPOSE_ANY);
-    /* Set by Store#purpose=. OCSP helper. */
-    DefX509Const(PURPOSE_OCSP_HELPER);
-    /* Set by Store#purpose=. Time stamps signer. */
-    DefX509Const(PURPOSE_TIMESTAMP_SIGN);
-
-    DefX509Const(TRUST_COMPAT);
-    DefX509Const(TRUST_SSL_CLIENT);
-    DefX509Const(TRUST_SSL_SERVER);
-    DefX509Const(TRUST_EMAIL);
-    DefX509Const(TRUST_OBJECT_SIGN);
-    DefX509Const(TRUST_OCSP_SIGN);
-    DefX509Const(TRUST_OCSP_REQUEST);
-    DefX509Const(TRUST_TSA);
-
-    DefX509Default(CERT_AREA, cert_area);
-    DefX509Default(CERT_DIR, cert_dir);
-    DefX509Default(CERT_FILE, cert_file);
-    DefX509Default(CERT_DIR_ENV, cert_dir_env);
-    DefX509Default(CERT_FILE_ENV, cert_file_env);
-    DefX509Default(PRIVATE_DIR, private_dir);
-}

data/ext/openssl/ossl_x509.h

@@ -1,115 +0,0 @@
-/*
- * 'OpenSSL for Ruby' project
- * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
- * All rights reserved.
- */
-/*
- * This program is licensed under the same licence as Ruby.
- * (See the file 'LICENCE'.)
- */
-#if !defined(_OSSL_X509_H_)
-#define _OSSL_X509_H_
-
-/*
- * X509 main module
- */
-extern VALUE mX509;
-
-/*
- * Converts the VALUE into Integer and set it to the ASN1_TIME. This is a
- * wrapper for X509_time_adj_ex() so passing NULL creates a new ASN1_TIME.
- * Note that the caller must check the NULL return.
- */
-ASN1_TIME *ossl_x509_time_adjust(ASN1_TIME *, VALUE);
-
-void Init_ossl_x509(void);
-
-/*
- * X509Attr
- */
-extern VALUE cX509Attr;
-extern VALUE eX509AttrError;
-
-VALUE ossl_x509attr_new(X509_ATTRIBUTE *);
-X509_ATTRIBUTE *GetX509AttrPtr(VALUE);
-void Init_ossl_x509attr(void);
-
-/*
- * X509Cert
- */
-extern VALUE cX509Cert;
-extern VALUE eX509CertError;
-
-VALUE ossl_x509_new(X509 *);
-X509 *GetX509CertPtr(VALUE);
-X509 *DupX509CertPtr(VALUE);
-void Init_ossl_x509cert(void);
-
-/*
- * X509CRL
- */
-extern VALUE cX509CRL;
-extern VALUE eX509CRLError;
-
-VALUE ossl_x509crl_new(X509_CRL *);
-X509_CRL *GetX509CRLPtr(VALUE);
-void Init_ossl_x509crl(void);
-
-/*
- * X509Extension
- */
-extern VALUE cX509Ext;
-extern VALUE cX509ExtFactory;
-extern VALUE eX509ExtError;
-
-VALUE ossl_x509ext_new(X509_EXTENSION *);
-X509_EXTENSION *GetX509ExtPtr(VALUE);
-void Init_ossl_x509ext(void);
-
-/*
- * X509Name
- */
-extern VALUE cX509Name;
-extern VALUE eX509NameError;
-
-VALUE ossl_x509name_new(X509_NAME *);
-X509_NAME *GetX509NamePtr(VALUE);
-void Init_ossl_x509name(void);
-
-/*
- * X509Request
- */
-extern VALUE cX509Req;
-extern VALUE eX509ReqError;
-
-X509_REQ *GetX509ReqPtr(VALUE);
-void Init_ossl_x509req(void);
-
-/*
- * X509Revoked
- */
-extern VALUE cX509Rev;
-extern VALUE eX509RevError;
-
-VALUE ossl_x509revoked_new(X509_REVOKED *);
-X509_REVOKED *DupX509RevokedPtr(VALUE);
-void Init_ossl_x509revoked(void);
-
-/*
- * X509Store and X509StoreContext
- */
-extern VALUE cX509Store;
-extern VALUE cX509StoreContext;
-extern VALUE eX509StoreError;
-
-X509_STORE *GetX509StorePtr(VALUE);
-
-void Init_ossl_x509store(void);
-
-/*
- * Calls the verify callback Proc (the first parameter) with given pre-verify
- * result and the X509_STORE_CTX.
- */
-int ossl_verify_cb_call(VALUE, int, X509_STORE_CTX *);
-
-#endif /* _OSSL_X509_H_ */

data/ext/openssl/ossl_x509attr.c

@@ -1,324 +0,0 @@
-/*
- * 'OpenSSL for Ruby' project
- * Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz>
- * All rights reserved.
- */
-/*
- * This program is licensed under the same licence as Ruby.
- * (See the file 'LICENCE'.)
- */
-#include "ossl.h"
-
-#define NewX509Attr(klass) \
-    TypedData_Wrap_Struct((klass), &ossl_x509attr_type, 0)
-#define SetX509Attr(obj, attr) do { \
-    if (!(attr)) { \
-	ossl_raise(rb_eRuntimeError, "ATTR wasn't initialized!"); \
-    } \
-    RTYPEDDATA_DATA(obj) = (attr); \
-} while (0)
-#define GetX509Attr(obj, attr) do { \
-    TypedData_Get_Struct((obj), X509_ATTRIBUTE, &ossl_x509attr_type, (attr)); \
-    if (!(attr)) { \
-	ossl_raise(rb_eRuntimeError, "ATTR wasn't initialized!"); \
-    } \
-} while (0)
-
-/*
- * Classes
- */
-VALUE cX509Attr;
-VALUE eX509AttrError;
-
-static void
-ossl_x509attr_free(void *ptr)
-{
-    X509_ATTRIBUTE_free(ptr);
-}
-
-static const rb_data_type_t ossl_x509attr_type = {
-    "OpenSSL/X509/ATTRIBUTE",
-    {
-	0, ossl_x509attr_free,
-    },
-    0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
-};
-
-/*
- * Public
- */
-VALUE
-ossl_x509attr_new(X509_ATTRIBUTE *attr)
-{
-    X509_ATTRIBUTE *new;
-    VALUE obj;
-
-    obj = NewX509Attr(cX509Attr);
-    if (!attr) {
-	new = X509_ATTRIBUTE_new();
-    } else {
-	new = X509_ATTRIBUTE_dup(attr);
-    }
-    if (!new) {
-	ossl_raise(eX509AttrError, NULL);
-    }
-    SetX509Attr(obj, new);
-
-    return obj;
-}
-
-X509_ATTRIBUTE *
-GetX509AttrPtr(VALUE obj)
-{
-    X509_ATTRIBUTE *attr;
-
-    GetX509Attr(obj, attr);
-
-    return attr;
-}
-
-/*
- * Private
- */
-static VALUE
-ossl_x509attr_alloc(VALUE klass)
-{
-    X509_ATTRIBUTE *attr;
-    VALUE obj;
-
-    obj = NewX509Attr(klass);
-    if (!(attr = X509_ATTRIBUTE_new()))
-	ossl_raise(eX509AttrError, NULL);
-    SetX509Attr(obj, attr);
-
-    return obj;
-}
-
-/*
- * call-seq:
- *    Attribute.new(oid [, value]) => attr
- */
-static VALUE
-ossl_x509attr_initialize(int argc, VALUE *argv, VALUE self)
-{
-    VALUE oid, value;
-    X509_ATTRIBUTE *attr, *x;
-    const unsigned char *p;
-
-    GetX509Attr(self, attr);
-    if(rb_scan_args(argc, argv, "11", &oid, &value) == 1){
-	oid = ossl_to_der_if_possible(oid);
-	StringValue(oid);
-	p = (unsigned char *)RSTRING_PTR(oid);
-	x = d2i_X509_ATTRIBUTE(&attr, &p, RSTRING_LEN(oid));
-	DATA_PTR(self) = attr;
-	if(!x){
-	    ossl_raise(eX509AttrError, NULL);
-	}
-	return self;
-    }
-    rb_funcall(self, rb_intern("oid="), 1, oid);
-    rb_funcall(self, rb_intern("value="), 1, value);
-
-    return self;
-}
-
-static VALUE
-ossl_x509attr_initialize_copy(VALUE self, VALUE other)
-{
-    X509_ATTRIBUTE *attr, *attr_other, *attr_new;
-
-    rb_check_frozen(self);
-    GetX509Attr(self, attr);
-    GetX509Attr(other, attr_other);
-
-    attr_new = X509_ATTRIBUTE_dup(attr_other);
-    if (!attr_new)
-	ossl_raise(eX509AttrError, "X509_ATTRIBUTE_dup");
-
-    SetX509Attr(self, attr_new);
-    X509_ATTRIBUTE_free(attr);
-
-    return self;
-}
-
-/*
- * call-seq:
- *    attr.oid = string => string
- */
-static VALUE
-ossl_x509attr_set_oid(VALUE self, VALUE oid)
-{
-    X509_ATTRIBUTE *attr;
-    ASN1_OBJECT *obj;
-    char *s;
-
-    GetX509Attr(self, attr);
-    s = StringValueCStr(oid);
-    obj = OBJ_txt2obj(s, 0);
-    if(!obj) ossl_raise(eX509AttrError, NULL);
-    if (!X509_ATTRIBUTE_set1_object(attr, obj)) {
-	ASN1_OBJECT_free(obj);
-	ossl_raise(eX509AttrError, "X509_ATTRIBUTE_set1_object");
-    }
-    ASN1_OBJECT_free(obj);
-
-    return oid;
-}
-
-/*
- * call-seq:
- *    attr.oid => string
- */
-static VALUE
-ossl_x509attr_get_oid(VALUE self)
-{
-    X509_ATTRIBUTE *attr;
-    ASN1_OBJECT *oid;
-    BIO *out;
-    VALUE ret;
-    int nid;
-
-    GetX509Attr(self, attr);
-    oid = X509_ATTRIBUTE_get0_object(attr);
-    if ((nid = OBJ_obj2nid(oid)) != NID_undef)
-	ret = rb_str_new2(OBJ_nid2sn(nid));
-    else{
-	if (!(out = BIO_new(BIO_s_mem())))
-	    ossl_raise(eX509AttrError, NULL);
-	i2a_ASN1_OBJECT(out, oid);
-	ret = ossl_membio2str(out);
-    }
-
-    return ret;
-}
-
-/*
- * call-seq:
- *    attr.value = asn1 => asn1
- */
-static VALUE
-ossl_x509attr_set_value(VALUE self, VALUE value)
-{
-    X509_ATTRIBUTE *attr;
-    VALUE asn1_value;
-    int i, asn1_tag;
-
-    OSSL_Check_Kind(value, cASN1Data);
-    asn1_tag = NUM2INT(rb_attr_get(value, rb_intern("@tag")));
-    asn1_value = rb_attr_get(value, rb_intern("@value"));
-    if (asn1_tag != V_ASN1_SET)
-	ossl_raise(eASN1Error, "argument must be ASN1::Set");
-    if (!RB_TYPE_P(asn1_value, T_ARRAY))
-	ossl_raise(eASN1Error, "ASN1::Set has non-array value");
-
-    GetX509Attr(self, attr);
-    if (X509_ATTRIBUTE_count(attr)) { /* populated, reset first */
-	ASN1_OBJECT *obj = X509_ATTRIBUTE_get0_object(attr);
-	X509_ATTRIBUTE *new_attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, 0, NULL, -1);
-	if (!new_attr)
-	    ossl_raise(eX509AttrError, NULL);
-	SetX509Attr(self, new_attr);
-	X509_ATTRIBUTE_free(attr);
-	attr = new_attr;
-    }
-
-    for (i = 0; i < RARRAY_LEN(asn1_value); i++) {
-	ASN1_TYPE *a1type = ossl_asn1_get_asn1type(RARRAY_AREF(asn1_value, i));
-	if (!X509_ATTRIBUTE_set1_data(attr, ASN1_TYPE_get(a1type),
-				      a1type->value.ptr, -1)) {
-	    ASN1_TYPE_free(a1type);
-	    ossl_raise(eX509AttrError, NULL);
-	}
-	ASN1_TYPE_free(a1type);
-    }
-
-    return value;
-}
-
-/*
- * call-seq:
- *    attr.value => asn1
- */
-static VALUE
-ossl_x509attr_get_value(VALUE self)
-{
-    X509_ATTRIBUTE *attr;
-    STACK_OF(ASN1_TYPE) *sk;
-    VALUE str;
-    int i, count, len;
-    unsigned char *p;
-
-    GetX509Attr(self, attr);
-    /* there is no X509_ATTRIBUTE_get0_set() :( */
-    if (!(sk = sk_ASN1_TYPE_new_null()))
-	ossl_raise(eX509AttrError, "sk_new");
-
-    count = X509_ATTRIBUTE_count(attr);
-    for (i = 0; i < count; i++)
-	sk_ASN1_TYPE_push(sk, X509_ATTRIBUTE_get0_type(attr, i));
-
-    if ((len = i2d_ASN1_SET_ANY(sk, NULL)) <= 0) {
-	sk_ASN1_TYPE_free(sk);
-	ossl_raise(eX509AttrError, NULL);
-    }
-    str = rb_str_new(0, len);
-    p = (unsigned char *)RSTRING_PTR(str);
-    if (i2d_ASN1_SET_ANY(sk, &p) <= 0) {
-	sk_ASN1_TYPE_free(sk);
-	ossl_raise(eX509AttrError, NULL);
-    }
-    ossl_str_adjust(str, p);
-    sk_ASN1_TYPE_free(sk);
-
-    return rb_funcall(mASN1, rb_intern("decode"), 1, str);
-}
-
-/*
- * call-seq:
- *    attr.to_der => string
- */
-static VALUE
-ossl_x509attr_to_der(VALUE self)
-{
-    X509_ATTRIBUTE *attr;
-    VALUE str;
-    int len;
-    unsigned char *p;
-
-    GetX509Attr(self, attr);
-    if((len = i2d_X509_ATTRIBUTE(attr, NULL)) <= 0)
-	ossl_raise(eX509AttrError, NULL);
-    str = rb_str_new(0, len);
-    p = (unsigned char *)RSTRING_PTR(str);
-    if(i2d_X509_ATTRIBUTE(attr, &p) <= 0)
-	ossl_raise(eX509AttrError, NULL);
-    ossl_str_adjust(str, p);
-
-    return str;
-}
-
-/*
- * X509_ATTRIBUTE init
- */
-void
-Init_ossl_x509attr(void)
-{
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
-    mX509 = rb_define_module_under(mOSSL, "X509");
-#endif
-
-    eX509AttrError = rb_define_class_under(mX509, "AttributeError", eOSSLError);
-
-    cX509Attr = rb_define_class_under(mX509, "Attribute", rb_cObject);
-    rb_define_alloc_func(cX509Attr, ossl_x509attr_alloc);
-    rb_define_method(cX509Attr, "initialize", ossl_x509attr_initialize, -1);
-    rb_define_method(cX509Attr, "initialize_copy", ossl_x509attr_initialize_copy, 1);
-    rb_define_method(cX509Attr, "oid=", ossl_x509attr_set_oid, 1);
-    rb_define_method(cX509Attr, "oid", ossl_x509attr_get_oid, 0);
-    rb_define_method(cX509Attr, "value=", ossl_x509attr_set_value, 1);
-    rb_define_method(cX509Attr, "value", ossl_x509attr_get_value, 0);
-    rb_define_method(cX509Attr, "to_der", ossl_x509attr_to_der, 0);
-}